| > I really don't see why someone should be on my shitlist for lying to godaddy dot com or whatever giant registrar unless you consider fudging identifying details about something that really doesn't matter, I think I can see where you are coming from. You seem to compare this with, say, opening a GMail account under an alias, if I understand correctly. However, holding domain names and, at the time, SSL certificates requires a different sort of accountability. I can elaborate on that if you wish, but I trust it won't be necessary. > especially considering he was very openly associated with the project, In the same way that Mr platinumrad or Ms at612 are associated with this discussion? By the use of an alias? > some sort of horrible moral offense. Yes. And please note he did not just lie to the registrar. When he got caught, he went and whined to some journo who published a piece criticising the registrar without bothering to contrast the information first. It all being presented as if it was the registrar in the wrong, when they were following the rules, which are there to protect the public in the first place. This coming from some bloke who was saying "don't trust Google, trust me. Because." > I especially find your taking massive umbridge with fudging personal information baffling given how privacy-minded you otherwise seem. I value my privacy. At the same time, when I enter a contract, I do so in good faith and of course part of it is letting the other party know who I am. > really just makes it seem like the position you've taken against Signal is mostly predicated on some sort of grudge against Marlinspike himself. Yes, you are correct. My apologies if that wasn't clear. I question the ethics, motivation, and competence of this one individual, who happens to be closely associated with said project. > Yes, trashing F-Droid was not a great thing to do To put it mildly. On an incidental note and more generally, have you ever seen him do a mea culpa? > [but] isn't one of the most important goals of a secure messaging application to get people to actually use it and to achieve widespread adoption? I do not know. I would guess not (based on defence experience). But the main point is that him saying "oh sure, it's secure" does not make it secure. He seems to be taking advantage of the public's inherent credulity and lack of awareness of what "security" actually means and involves. We have gone through this discussion already, so for an example of what I consider a better developed and correctly presented security solution, please see the Conversations IM application. > The main lesson I've learned from GPG mail is that a perfectly private means of communication is worth very little if I can't actually convince anyone to use it with me. This is a different, and long discussion, but it is probable that the reason why you are seeing that is the other party having mentally (or formally) done a cost/benefit analysis and deciding that their information is not of such value to justify the extra effort to protect it. Rightly or wrongly. |